Privileged accounts are accounts defined in machines, systems, and applications that have high operation permissions. Privileged operations on many resources that are on, or otherwise linked to, a network are enabled only by employing privileged accounts. Unauthorized use of a privileged account, and subsequent unauthorized access to a network resource, creates a legal liability and a business risk for an organization, as well as a security risk. Additionally, such unauthorized access may be indicative of an attack, for example, a hack, on the target resource of the enterprise.
Privileged accounts include shared and administrative accounts, including accounts used by service providers. Exemplary privileged accounts include root accounts, which are the most privileged accounts on Unix systems. A root account provides its users with the ability to carry out all aspects of system administration, such as adding, changing, terminating or deleting user accounts, changing user passwords, examining log files, and installing software. Accordingly, the user, for example, the person or entity, with the root account, has almost absolute control over the system or resource which he has accessed via the root account. Another example of privileged accounts is the Local Administrator or the Domain Administrator accounts in Windows® machines and networks. Still other privileged accounts include administrator accounts for an organization's machines and/or applications and/or services in the cloud, which reside outside the organization's network.
Privileged accounts, such as root accounts, are often shared by groups of systems administrators. Granting privileged access to a group of individuals or entities presents a challenge in action attribution, access control, activity monitoring, and other aspects of privileged account management. Moreover, many government and corporate regulations require that privileged accounts be managed, so that access is controlled, limiting unauthorized access and damage to the systems or resources, through which access is granted via the privileged accounts.